0

I have a website set up step by step after the external login instructions. I have added Support for mobile login after the xamarin webauthentication instructions.

Logging in works fine by now, but accessing a controller with [Authorize] attribute just won't happen.

Looking at the sample WebAuthenticator in Xamarin.Essentials. After receiving the access_token, how do I use it for another HttpClient request?

I was assuming it was a Bearer, so I tried:

client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", App.AccessToken);

I still get 401 from the service.

Same with postman. It is a bearer token from the properties when I receive it in aspnet. It feels like something is missing in the web service configuration.

I tried adding .AddJwtBearer(); but same result so far...

Carl R
  • 8,104
  • 5
  • 48
  • 80
  • Did you try to debug what happens when you try to make the call through Postman? Whatever you do through the app and whatever information you send through the app to the web service, you should be able to send through postman or a curl command in the terminal. Once you make the call from there, you should be able to set a break point and follow through the steps to see why you’re getting an error. – Saamer May 04 '20 at 01:54
  • @Saamer Yes, I get 401 in postman too. I wish there was something to debug, but it's all nuget middleware and attributes. I've found no way to tell whats happening beyond registering a request response logging middleware class to see the headers and cookies. There is no svc-logging or diagni – Carl R May 04 '20 at 04:45
  • diagnostics trace afaik, no glimpse, prefix only gives some request info. I dont have dotTrace or intellitrace available. – Carl R May 04 '20 at 04:48
  • @Saamer This is what the Startup.cs looks like https://github.com/xamarin/Essentials/blob/develop/Samples/Sample.Server.WebAuthenticator/Startup.cs – Carl R May 04 '20 at 05:42
  • Carl since you’re getting an issue through postman as well, it’s clear that the issue is not in your Xamarin solution. You have to figure out a valid request object your backend accepts so that it can succeed through postman first – Saamer May 04 '20 at 09:44
  • @Saamer It's a sample from Xamarin I'm trying to understand. I don't understand how they intend us to use the token but as a bearer token. But then why does the sample server look like it does? Maybe the sample and the instructions is not "complete" but just part of a concept. – Carl R May 04 '20 at 10:05
  • Oh so you mean you didn’t make any changes to the projects. You just ran them but you’re not able to build it? – Saamer May 04 '20 at 10:10
  • Have you tried to go through the instructions here https://learn.microsoft.com/en-ca/xamarin/essentials/web-authenticator?context=xamarin%2Fxamarin-forms&tabs=ios – Saamer May 04 '20 at 10:17
  • @Saamer Yes, it is exactly that I'm doing. The sample is the complete implementation of it. With that setup the access_token can't be used. Something is missing. It looks like a complete concept, but it's not. So I wonder what to do to complete it. – Carl R May 04 '20 at 11:55

1 Answers1

0

The access_token is not a valid JwtBearerToken and is not indended for anything but calling google api's. It can't be used as identification between the app and the backend.

Carl R
  • 8,104
  • 5
  • 48
  • 80